
Role Mining - Revealing Business Roles for Security Administration Using Data Mining Technology

Martin Kuhlmann
Dalia Shohat
SYSTOR Security Solutions GmbH
Hermann-Heinrich-Gossen-Strasse 3
D 50858 Cologne
[martin.kuhlmann|dalia.shohat]@systorsecurity.com
Gerhard Schimpf
SMF TEAM IT-Security Consulting
Am Waldweg 23
D 75173 Pforzheim
Gerhard.Schimpf@smfteam.de
ABSTRACT
In this paper we describe the work of devising a new technique for role-finding to implement Role-Based Security Administration. Our results stem from industrial projects, where large-scale customers wanted to migrate to Role-Based Access Control (RBAC) based on already existing access rights patterns in their production IT systems.
The core of this paper creates a link between the use of well-established data mining technology and RBAC. We present a process for detecting patterns in a database of access rights and for deriving enterprise roles from these patterns. Moreover, a tool (the SAM Role Miner) is described. The result allows an organized migration process to RBAC with the goal of building a single point of administration and control, using a cross-platform administration tool.
Categories and Subject Descriptors
D.4.6 [Operating Systems]: Security and Protection – Access Controls; H.2.0 [Information Systems]: General – Security, Integrity, and Protection; K.6.5 [Management of Computing and Information Systems]: Security and Protection.
General Terms
Management, Security.
Keywords
Role-Based Access Control, Enterprise Systems Management, Provisioning, Identity Management, Data Mining, Migration, Role Engineering, Security Administration, Security Data Models, Security Management, Single Point of Administration and Control.
1. Introduction
For several years now, many large-scale enterprises have been realizing savings through a reduction of the overall workload and through quality improvements in their enterprise-wide identity-based security


